Business Continuity Management vs Operational Resilience

VM7
Tera Contributor

Hi , 

I was looking into the definitions of the BCM vs Operational Resilience applications (see below), and I am not able to understand clearly what the difference is between these two apps? When would you use BCM only vs Operational Resilience ? Please help me understand. Thank you.

From ServiceNow Docs: The Operational Resilience application provides a continuous four-stage life cycle that helps your resilience managers and administrators to achieve your organization’s safety and well-being. You can prepare for and cope with the adverse events by anticipating, preventing, recovering from, and adapting to such events.

From ServiceNow Docs: The ServiceNow® Business Continuity Management (BCM) application gives your organization the capability to continue to deliver products and services at an acceptable level following a disruptive incident. The collaborative activities in this application aim to help identify and reduce risks that your organization may experience. After identifying risks and dependencies, you can then improve your ability to respond, react, and recover from critical issues and disruptions.

3 REPLIES 3

Aaron Duncan
Mega Sage

This is from what I understand at a high level is the difference between the two.

BCM refers more to the technical side of keeping the business running, such as making sure all equipment, software, and processes are in place to keep the business running. For example, if something happened to your datacenter host, what would the business do to keep their services going. 

I'm less familiar with the Operational Resilience side, but from what it sounds like, is it's more the personnel side of the business and keeping them working even if something unfortunate would happen in the environment.

 

Sebastien Fix
Giga Guru
Giga Guru

here is a great video about Op Resilience - which wasn't that clearly described before: 

https://www.youtube.com/watch?v=cZSTin-P4KE

 

Op Resilience requires at least IRM Pro and leverages ITSM and SecOps. It uses BIA too, but not in the BCM sense of RTO/RPO.

BCM module is more about Business Continuity Plans and Disaster Recovery Plans, as well as Exercises to test the Plans - and if a Crisis occurs, you can run the Plans. 

 

mariesmith
Kilo Contributor

In a nutshell, operational resiliency and continuity management are both crucial for businesses, especially in the finance sector where unexpected disruptions can wreak havoc.

Operational resiliency is all about anticipating, preparing for, and bouncing back from disruptions, whether it's a power outage or a data breach. It's about being able to adapt and recover swiftly.

On the other hand, continuity management, now emphasized by the Federal Financial Institutions Examination Council (FFIEC), is a broader concept. It's not just about having a plan to recover from disruptions but also about identifying and mitigating the risks that could cause those disruptions in the first place.

If you want to dive deeper into the topic, check out this article that explores business resiliency, continuity management, and how they intersect: https://www.ncontracts.com/nsight-blog/business-resiliency-continuity-planning-is-now-business-conti...